From da8f2dc2ceacfee11582d4f1d694b5f8540b9849 Mon Sep 17 00:00:00 2001 From: Stian Thorgersen Date: Thu, 25 Feb 2016 10:05:46 +0100 Subject: [PATCH] KEYCLOAK-2500 Add cors headers to .well-known endpoints --- .../org/keycloak/services/resources/RealmsResource.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java index 1ad6b7b6e3..f8c800cfcc 100755 --- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java @@ -16,6 +16,7 @@ */ package org.keycloak.services.resources; +import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.ClientConnection; @@ -40,6 +41,7 @@ import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.*; +import javax.ws.rs.core.Response.ResponseBuilder; /** * @author Bill Burke @@ -55,6 +57,9 @@ public class RealmsResource { @Context protected ClientConnection clientConnection; + @Context + private HttpRequest request; + public static UriBuilder realmBaseUrl(UriInfo uriInfo) { UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder(); return realmBaseUrl(baseUriBuilder); @@ -180,7 +185,9 @@ public class RealmsResource { init(name); WellKnownProvider wellKnown = session.getProvider(WellKnownProvider.class, providerName); - return Response.ok(wellKnown.getConfig()).cacheControl(CacheControlUtil.getDefaultCacheControl()).build(); + + ResponseBuilder responseBuilder = Response.ok(wellKnown.getConfig()).cacheControl(CacheControlUtil.getDefaultCacheControl()); + return Cors.add(request, responseBuilder).allowedOrigins("*").build(); } }